SUSE-CU-2025:7286-1: Security update of private-registry/harbor-nginx
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue Oct 14 07:12:33 UTC 2025
SUSE Container Update Advisory: private-registry/harbor-nginx
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:7286-1
Container Tags : private-registry/harbor-nginx:1.21 , private-registry/harbor-nginx:1.21.5 , private-registry/harbor-nginx:1.21.5-2.51 , private-registry/harbor-nginx:latest
Container Release : 2.51
Severity : moderate
Type : security
References : 1236851 1248070 CVE-2025-23419 CVE-2025-53859
-----------------------------------------------------------------
The container private-registry/harbor-nginx was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3444-1
Released: Wed Oct 1 14:42:58 2025
Summary: Security update for nginx
Type: security
Severity: moderate
References: 1236851,1248070,CVE-2025-23419,CVE-2025-53859
This update for nginx fixes the following issues:
- CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process (bsc#1248070).
- CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 (bsc#1236851).
The following package changes have been done:
- system-user-harbor-2.13.2-150600.2.2 updated
- nginx-1.21.5-150600.10.12.1 updated
- container:suse-sle15-15.6-6429c740360927063bab19b5f63298ae2d71284ae35513c7a3f6d6d1593efc7b-0 updated
More information about the sle-container-updates
mailing list